﻿using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Linq;
using System.Text;
using System.Web;
using VideoNetApplication.Common.Helper;
using VideoNetApplication.Common.Service;

namespace VideoNetApplication.Common
{
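 /// <summary>
 /// Base page for pages that require a signed-in user. Anonymous requests are
 /// redirected to the login page, and query-string values are screened against
 /// a keyword blacklist before the page initialises.
 /// </summary>
 /// <remarks>
 /// The keyword screen is a coarse, best-effort filter and not a real SQL-injection
 /// defence: it inspects only <c>Request.QueryString</c> (not form fields, cookies
 /// or headers), and plain substring matching also rejects harmless values such as
 /// "account" (contains "count"). Data-access code must still use parameterised queries.
 /// </remarks>
 public class UserBasePage : BasePage
    {
     // Substrings that cause a request to be rejected when found in any
     // query-string value. Split once per AppDomain instead of once per value.
     private static readonly string[] BlockedQueryTokens =
         ";--|exec|insert|select|delete|update|count|chr|mid|master|truncate|char|declare|create|drop".Split('|');

     /// <summary>
     /// Redirects to the login page when <c>MembershipService.GetUser()</c> returns null,
     /// passing the school id and the URL to return to; otherwise continues the normal load.
     /// </summary>
     /// <param name="e">Event data forwarded to <c>base.OnLoad</c>.</param>
     protected override void OnLoad(EventArgs e)
     {
         if (MembershipService.GetUser() == null)
         {
             // RawUrl carries its own '?' and '&'. Left unencoded, everything after the
             // first '&' became separate parameters of the login URL: ReturnUrl was
             // truncated and request-supplied parameters were injected. Encode each value.
             // SchoolId comes from BasePage (not shown here); it is encoded as well in
             // case it holds request-derived text.
             string returnUrl = StringUtils.GetWebConfigValue("BaseUrl") + Request.RawUrl;
             string loginUrl = ResolveClientUrl("~/UserLogin.aspx")
                 + "?schoolId=" + HttpUtility.UrlEncode(Convert.ToString(SchoolId))
                 + "&ReturnUrl=" + HttpUtility.UrlEncode(returnUrl);

             // NOTE(review): the login page is outside this file; it should verify that
             // ReturnUrl points at this site before redirecting to it after sign-in.
             Response.Redirect(loginUrl);
         }

         base.OnLoad(e);
     }

     /// <summary>
     /// Screens every query-string value against <c>BlockedQueryTokens</c> and ends the
     /// response with a warning on the first match; otherwise continues initialisation.
     /// </summary>
     /// <param name="e">Event data forwarded to <c>base.OnInit</c>.</param>
     protected override void OnInit(EventArgs e)
     {
         // SQL injection guard (keyword blacklist over the query string).
         if (Request.QueryString.Count > 0 && HasBlockedQueryValue(Request.QueryString))
         {
             Response.Write("系统警告：你的行为被系统认定为[非法用户行为]！如有任何疑问,请和网站管理员联系。");
             // Response.End() normally aborts the request thread, so base.OnInit is not
             // reached for a rejected request.
             Response.End();
         }

         base.OnInit(e);
     }

     // Returns true when any value in the collection contains a blocked token.
     private static bool HasBlockedQueryValue(NameValueCollection query)
     {
         foreach (string key in query.AllKeys)
         {
             string[] values = query.GetValues(key);
             if (values == null)
             {
                 continue; // key without values: nothing to inspect
             }

             foreach (string value in values)
             {
                 if (ContainsBlockedToken(value))
                 {
                     return true;
                 }
             }
         }

         return false;
     }

     // Returns true when the value contains a blocked token, ignoring case.
     private static bool ContainsBlockedToken(string value)
     {
         if (string.IsNullOrEmpty(value))
         {
             return false;
         }

         foreach (string token in BlockedQueryTokens)
         {
             // Ordinal, case-insensitive comparison: the previous ToLower()/IndexOf pair
             // was culture-sensitive, so under a culture such as tr-TR "INSERT" lowercases
             // to a dotless-i form and slipped past the filter.
             if (value.IndexOf(token, StringComparison.OrdinalIgnoreCase) >= 0)
             {
                 return true;
             }
         }

         return false;
     }
    }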
}
